apache/xerces-c: The latest CVE Vulnerabilities and Exploits for Penetration Test
apache/xerces-c Vulnerability Summary
- Vendor name: apache
- Product name: xerces-c
- Total vulnerabilities: 10 (as of 2023-05-04)
apache/xerces-c Vulnerability List
CVE-2018-1311: The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during…
Published: 2019-12-18T20:15:00 Last Modified: 2022-02-07T16:15:00
Summary
The Apache Xerces-C 3.0.0 to 3.2.3 XML parser contains a use-after-free error triggered during the scanning of external DTDs. This flaw has not been addressed in the maintained version of the library and has no current mitigation other than to disable DTD processing. This can be accomplished via the DOM using a standard parser feature, or via SAX using the XERCES_DISABLE_DTD environment variable.
Common Weakness Enumeration (CWE): CWE-416: Use After Free
CWE Description: Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.
Scores
- Impact Score: 6.4
- Exploitability Score: 8.6
- CVSS: 6.8
- CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Impact
- Availability: PARTIAL
- Confidentiality: PARTIAL
- Integrity: PARTIAL
Access
- Authentication: NONE
- Complexity: MEDIUM
- Vector: NETWORK
Currently, there is no code for exploiting the CVE-2018-1311 vulnerability.
References
- https://marc.info/?l=xerces-c-users&m=157653840106914&w=2
- https://lists.apache.org/thread.html/r48ea463fde218b1e4cc1a1d05770a0cea34de0600b4355315a49226b@%3Cc-dev.xerces.apache.org%3E
- https://access.redhat.com/errata/RHSA-2020:0704
- https://access.redhat.com/errata/RHSA-2020:0702
- https://lists.debian.org/debian-lts-announce/2020/12/msg00025.html
- https://www.debian.org/security/2020/dsa-4814
- https://lists.apache.org/thread.html/rabbcc0249de1dda70cda96fd9bcff78217be7a57d96e7dcc8cd96646@%3Cc-users.xerces.apache.org%3E
- https://lists.apache.org/thread.html/rfeb8abe36bcca91eb603deef49fbbe46870918830a66328a780b8625@%3Cc-users.xerces.apache.org%3E
- https://lists.apache.org/thread.html/r90ec105571622a7dc3a43b846c12732d2e563561dfb2f72941625f35@%3Cc-users.xerces.apache.org%3E
- https://www.oracle.com/security-alerts/cpujan2022.html
See also: All popular products CVE Vulnerabilities of apache
CVE-2017-12627: In Apache Xerces-C XML Parser library before 3.2.1, processing of external DTD paths can result…
Published: 2018-03-01T14:29:00 Last Modified: 2021-07-31T08:15:00
Summary
In Apache Xerces-C XML Parser library before 3.2.1, processing of external DTD paths can result in a null pointer dereference under certain conditions.
Common Weakness Enumeration (CWE): CWE-476: NULL Pointer Dereference
CWE Description: NULL pointer dereferences are frequently resultant from rarely encountered error conditions, since these are most likely to escape detection during the testing phases.
Scores
- Impact Score: 6.4
- Exploitability Score: 10.0
- CVSS: 7.5
- CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Impact
- Availability: PARTIAL
- Confidentiality: PARTIAL
- Integrity: PARTIAL
Access
- Authentication: NONE
- Complexity: LOW
- Vector: NETWORK
Currently, there is no code for exploiting the CVE-2017-12627 vulnerability.
References
- http://xerces.apache.org/xerces-c/secadv/CVE-2017-12627.txt
- http://seclists.org/oss-sec/2018/q1/203
- http://www.securityfocus.com/bid/103219
- https://lists.debian.org/debian-lts-announce/2018/03/msg00032.html
- https://kc.mcafee.com/corporate/index?page=content&id=SB10365
CVE-2012-0880: Apache Xerces-C++ allows remote attackers to cause a denial of service (CPU consumption) via a…
Published: 2017-08-08T21:29:00 Last Modified: 2017-08-18T11:56:00
Summary
Apache Xerces-C++ allows remote attackers to cause a denial of service (CPU consumption) via a crafted message sent to an XML service that causes hash table collisions.
Common Weakness Enumeration (CWE): CWE-399: Resource Management Errors
CWE Description: This entry has been deprecated. It was originally used for organizing the Development View (CWE-699) and some other views, but it introduced unnecessary complexity and depth to the resulting tree.
Scores
- Impact Score: 6.9
- Exploitability Score: 10.0
- CVSS: 7.8
- CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Impact
- Availability: COMPLETE
- Confidentiality: NONE
- Integrity: NONE
Access
- Authentication: NONE
- Complexity: LOW
- Vector: NETWORK
Currently, there is no code for exploiting the CVE-2012-0880 vulnerability.
CVE-2016-4463: Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers…
Published: 2016-07-08T19:59:00 Last Modified: 2018-11-07T11:29:00
Summary
Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD.
Common Weakness Enumeration (CWE): CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE Description: The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
Scores
- Impact Score: 2.9
- Exploitability Score: 10.0
- CVSS: 5.0
- CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Impact
- Availability: PARTIAL
- Confidentiality: NONE
- Integrity: NONE
Access
- Authentication: NONE
- Complexity: LOW
- Vector: NETWORK
Currently, there is no code for exploiting the CVE-2016-4463 vulnerability.
References
- http://www.securitytracker.com/id/1036211
- https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=10510&version=12336069
- http://xerces.apache.org/xerces-c/secadv/CVE-2016-4463.txt
- https://www.debian.org/security/2016/dsa-3610
- http://packetstormsecurity.com/files/137714/Apache-Xerces-C-XML-Parser-Crash.html
- http://www.securityfocus.com/bid/91501
- https://issues.apache.org/jira/browse/XERCESC-2069
- http://lists.opensuse.org/opensuse-updates/2016-07/msg00053.html
- http://lists.opensuse.org/opensuse-updates/2016-09/msg00013.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- http://www.securityfocus.com/archive/1/538784/100/0/threaded
- https://access.redhat.com/errata/RHSA-2018:3335
- https://access.redhat.com/errata/RHSA-2018:3514
- https://access.redhat.com/errata/RHSA-2018:3506
- https://www.oracle.com/security-alerts/cpuapr2020.html
CVE-2016-2099: Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and…
Published: 2016-05-13T14:59:00 Last Modified: 2018-10-30T16:27:00
Summary
Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier allows context-dependent attackers to have unspecified impact via an invalid character in an XML document.
Scores
- Impact Score: 10.0
- Exploitability Score: 10.0
- CVSS: 10.0
- CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Impact
- Availability: COMPLETE
- Confidentiality: COMPLETE
- Integrity: COMPLETE
Access
- Authentication: NONE
- Complexity: LOW
- Vector: NETWORK
Currently, there is no code for exploiting the CVE-2016-2099 vulnerability.
References
- https://issues.apache.org/jira/browse/XERCESC-2066
- http://www.openwall.com/lists/oss-security/2016/05/09/7
- http://lists.opensuse.org/opensuse-updates/2016-07/msg00016.html
- http://lists.opensuse.org/opensuse-updates/2016-07/msg00053.html
- http://lists.opensuse.org/opensuse-updates/2016-09/msg00013.html
- http://www.debian.org/security/2016/dsa-3579
- http://www.securityfocus.com/bid/90502
- https://security.gentoo.org/glsa/201612-46
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
CVE-2016-0729: Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3)…
Published: 2016-04-07T21:59:00 Last Modified: 2018-10-17T01:29:00
Summary
Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corruption) or possibly execute arbitrary code via a crafted document.
Common Weakness Enumeration (CWE): CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE Description: The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
Scores
- Impact Score: 6.4
- Exploitability Score: 10.0
- CVSS: 7.5
- CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Impact
- Availability: PARTIAL
- Confidentiality: PARTIAL
- Integrity: PARTIAL
Access
- Authentication: NONE
- Complexity: LOW
- Vector: NETWORK
Currently, there is no code for exploiting the CVE-2016-0729 vulnerability.
References
- https://issues.apache.org/jira/browse/XERCESC-2061
- http://xerces.apache.org/xerces-c/secadv/CVE-2016-0729.txt
- http://packetstormsecurity.com/files/135949/Apache-Xerces-C-XML-Parser-Buffer-Overflow.html
- http://www.debian.org/security/2016/dsa-3493
- http://svn.apache.org/viewvc?view=revision&revision=1727978
- http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182062.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182597.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-April/182131.html
- http://www.securityfocus.com/bid/83423
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- http://lists.opensuse.org/opensuse-updates/2016-07/msg00053.html
- http://lists.opensuse.org/opensuse-updates/2016-04/msg00012.html
- http://lists.opensuse.org/opensuse-updates/2016-04/msg00086.html
- https://security.gentoo.org/glsa/201612-46
- http://www.securitytracker.com/id/1035113
- http://www.securityfocus.com/archive/1/537620/100/0/threaded
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
CVE-2015-0252: internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial…
Published: 2015-03-24T17:59:00 Last Modified: 2018-10-17T01:29:00
Summary
internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data.
Common Weakness Enumeration (CWE): CWE-20: Improper Input Validation
CWE Description: The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Scores
- Impact Score: 2.9
- Exploitability Score: 10.0
- CVSS: 5.0
- CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Impact
- Availability: PARTIAL
- Confidentiality: NONE
- Integrity: NONE
Access
- Authentication: NONE
- Complexity: LOW
- Vector: NETWORK
Exploits Database (Total Exploits Count: 1)
Code designed for conducting penetration testing on CVE-2015-0252 vulnerability.
References
- http://www.debian.org/security/2015/dsa-3199
- http://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt
- http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153094.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152882.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153887.html
- https://shibboleth.net/community/advisories/secadv_20150319.txt
- http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153903.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153923.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153829.html
- http://packetstormsecurity.com/files/131756/Apache-Xerces-C-XML-Parser-Denial-Of-Service.html
- https://www.exploit-db.com/exploits/36906/
- http://lists.opensuse.org/opensuse-updates/2016-04/msg00012.html
- http://www.securityfocus.com/bid/73252
- http://rhn.redhat.com/errata/RHSA-2015-1193.html
- http://www.securitytracker.com/id/1032254
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
CVE-2009-1885: Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and…
Published: 2009-08-11T18:30:00 Last Modified: 2017-08-17T01:30:00
Summary
Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in “simply nested DTD structures,” as demonstrated by the Codenomicon XML fuzzing framework.
Common Weakness Enumeration (CWE): CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE Description: The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
Scores
- Impact Score: 2.9
- Exploitability Score: 8.6
- CVSS: 4.3
- CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Impact
- Availability: PARTIAL
- Confidentiality: NONE
- Integrity: NONE
Access
- Authentication: NONE
- Complexity: MEDIUM
- Vector: NETWORK
Currently, there is no code for exploiting the CVE-2009-1885 vulnerability.
References
- http://www.codenomicon.com/labs/xml/
- http://www.networkworld.com/columnists/2009/080509-xml-flaw.html
- https://bugzilla.redhat.com/show_bug.cgi?id=515515
- http://svn.apache.org/viewvc?view=rev&revision=781488
- http://svn.apache.org/viewvc/xerces/c/trunk/src/xercesc/validators/DTD/DTDScanner.cpp?r1=781488&r2=781487&pathrev=781488&view=patch
- http://www.cert.fi/en/reports/2009/vulnerability2009085.html
- http://www.vupen.com/english/advisories/2009/2196
- http://secunia.com/advisories/36201
- http://www.securityfocus.com/bid/35986
- https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01001.html
- https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01150.html
- https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01136.html
- https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01099.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:223
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52321
CVE-2008-4482: The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of…
Published: 2008-10-08T02:00:00 Last Modified: 2017-08-08T01:32:00
Summary
The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during validation of an XML file.
Common Weakness Enumeration (CWE): CWE-20: Improper Input Validation
CWE Description: The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Scores
- Impact Score: 6.9
- Exploitability Score: 10.0
- CVSS: 7.8
- CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Impact
- Availability: COMPLETE
- Confidentiality: NONE
- Integrity: NONE
Access
- Authentication: NONE
- Complexity: LOW
- Vector: NETWORK
Currently, there is no code for exploiting the CVE-2008-4482 vulnerability.
References
- http://xerces.apache.org/xerces-c/releases.html
- http://issues.apache.org/jira/browse/XERCESC-1051
- http://secunia.com/advisories/32108
- http://www.securityfocus.com/bid/31533
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45596
CVE-2004-1575: The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a denial of service (CPU…
Published: 2004-12-31T05:00:00 Last Modified: 2017-07-11T01:31:00
Summary
The XML parser in Xerces-C++ 2.5.0 allows remote attackers to cause a denial of service (CPU consumption) via XML attributes in a crafted XML document.
Scores
- Impact Score: 2.9
- Exploitability Score: 10.0
- CVSS: 5.0
- CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Impact
- Availability: PARTIAL
- Confidentiality: NONE
- Integrity: NONE
Access
- Authentication: NONE
- Complexity: LOW
- Vector: NETWORK
Currently, there is no code for exploiting the CVE-2004-1575 vulnerability.
References
- http://www.securityfocus.com/bid/11312
- http://secunia.com/advisories/12715
- http://marc.info/?l=bugtraq&m=109674050017645&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17575